This is the privacy notice of The Hospital Saturday Fund. In this document, “we”, “our”, or “us” refer to The Hospital Saturday Fund. The Hospital Saturday Fund is a Data Controller. We are a Registered Charity in the UK No 1123381 and in Ireland Registered Charity No 20104528. Our registered offices are at 24 Upper Ground, London, SE1 9PD and 5 Westgate Business Park, Kilrush Road, Ennis, Co Clare Ireland.

Individual Grant Applications
If you make an application for a grant, we collect three types of information: your personal details, your medical details and financial details.

Correspondence

Emails, telephone calls and any other correspondence is collected and retained when communicating with supporter organisations.

Personal details
The personal details we collect are: your personal and contact details including name, address, date of birth, email address and telephone numbers, your occupation and the ages of any dependent children.

Medical details
The medical details we collect are: any medical condition, illness or incapacity you have (or have had). A copy of this information is kept securely by The Hospital Saturday Fund and our technology suppliers.

Financial details
The financial details we collect are a breakdown of the average weekly family income. This information will be used for the purposes of assessing a grant application. A copy of this information is kept securely by The Hospital Saturday Fund (and temporarily by our technology suppliers).

Payment Details
The payment details you provide will be used for electronic payments to be made to the account you provide. A copy of this information is kept securely by The Hospital Saturday Fund.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

When you make an application for a grant, for this to happen we will need to process your personal data as part of the process. The purpose of the processing in this case would be legitimate interest, except where your rights as a data subject override legitimate interest or the applicant has given us their consent.

Where we have a legal or regulatory obligation to use your personal information, for example, when our regulators, the Prudential Regulatory Authority (PRA), the Financial Conduct Authority (FCA), the Information Commissioner’s Office, Central Bank of Ireland (CBI) or Data Protection Commission (DPC) ask us to maintain certain records of any dealings with you.

Where we need to use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims, or where we want to make any claims ourselves.

Where we need to use your sensitive personal information such as health data because it is necessary for your vital interests, an example would be a life-or-death matter.

We may also aggregate your personal data in a general way and use it to provide class information, for example to monitor our performance with respect to a particular service we provide. If we use it for this purpose, you as an individual will not be personally identifiable.

The following are some examples of when and why we would use this approach:

• To improve and enhance our services When we do process your data, we will use it to benefit you and to make your experience better and to improve our products and services.
• Your best interest Processing your information to protect you against fraud when transacting on our website, and to ensure our websites and systems are secure.
• Personalisation Where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our customers.
• Research To determine the effectiveness of promotional campaigns and advertising and to develop our products, services, systems and relationships with you.
• Due Diligence We may need to conduct investigations on existing customers, potential customers and business partners to determine if those companies and individuals have been involved or convicted of offences such as fraud, bribery and corruption.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Regulatory Bodies
Where there is a legal obligation on The Hospital Saturday Fund to collect, process and share information with a third party, for example:

• Financial Ombudsman Services
• Fraud Prevention Agencies
• Data Protection Authorities

The information provided will be held, processed and shared with others solely for the purpose of meeting The Hospital Saturday Fund ‘s legal obligations.

Third Parties and Group Organisations

The Hospital Saturday Fund may also share aspects of the personal information on occasions with organisation to enable continuity of service, these include:

• The Medical Support who is making the application on their behalf.
• IT Support & Technical Service Providers.
• Service providers to assist in the continuity and provisions of benefits if applicable.
• We share and store the information we collect, including your Personal Information to assist us administering your grant application through a CRM platform.

Security and Compliance
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

The disclosure of personal information to the affiliates and other third parties set out above may involve the transfer of data outside the EU, EEA or states that are considered ‘adequate’. Where we need to engage a third party which operates outside of Europe those considered ‘adequate’ for the provision of services, then we would ensure that an equivalent degree of protection is provided by implementing appropriate technical measures and legal safeguards and standard contractual clauses as required by the legislation.

Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us:

• to provide you with the services you have requested;
• to comply with other law, including for the period demanded by our tax authorities;
• to support a claim or defence in court.

In line with our current retention policy, personal data is retained for at least 6 years but no more than 7 years, after contact was made with the Hospital Saturday Fund.

If you do not provide information, we may not be able to:

• Assess a grant application
• Contact you in relation to your grant application

Access to your Data

You have the right to request a copy of all information about you held by The Hospital Saturday Fund.

Data Portability

You have the right to exercise your right to data portability in certain circumstances.

What if you want us to stop using your personal information?

You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. There may be legal or other official reasons why we need to keep or use your data. However please tell us if you think that we should not be using it. We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things, if this is the case we would not use or share your information in other ways whilst it is restricted. You can ask us to restrict the use of your personal information if:

• It has been used unlawfully but you don’t want us to delete it.
• You have already asked us to stop using your data, but you are waiting for us to tell you if we can keep on using it.

If you wish to exercise any of your above rights, you can do so by contacting the Data Protection Officer.

Verification of your information

When we receive any request to access, edit or delete personal identifiable information, we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.

Right to complain

Should you not be happy with the way we handle your personal data, you have the right to complain. You can do so by contacting the Data Protection Officer. If your complaint reasonably requires us to contact a third party, we may decide to give to that third party some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is. You also have a right to lodge a complaint with the supervisory: UK: Information Commissioner Office Ireland: Data Protection Commissioner

Data Protection Officer contact details:

UK Address:
The Hospital Saturday Fund 24 Upper Ground, London. SE1 9PD. 

DPO@hsf.eu.com

Our privacy policy has been compiled so as to comply with the law of every country or legal jurisdiction in which we aim to do business. If you think it fails to satisfy the law of your jurisdiction, we should like to hear from you. However, ultimately it is your choice as to whether you wish to use our website.

We may update this privacy notice from time to time as necessary. The terms that apply to you are those posted here on our website on the day you use our website. We advise you to print a copy for your records. If you have any question regarding our privacy policy, please contact us.

Last updated September 2025